Re: [vote] rbac-integration branch merge to trunk
On 6 Oct 06, at 11:42 AM 6 Oct 06, Jesse McConnell wrote: summary: +1 - 8 binding would be 5 I think.. 3 is all you need with no -1s. So I'll get this merged over in the next couple of days, probably early next week actually, there are some jsp integration issues that will have to take place from what I have heard. but we'll integrate this over to trunk asap, jesse On 10/4/06, Trygve Laugstøl <[EMAIL PROTECTED]> wrote: Jesse McConnell wrote: > Brett suggested we do a vote for this today so I figured I would just > do that now. > > [-1/0/+1] vote will be open for 72 hours +1 -- Trygve -- jesse mcconnell [EMAIL PROTECTED]
Re: [vote] rbac-integration branch merge to trunk
summary: +1 - 8 binding would be 5 I think.. So I'll get this merged over in the next couple of days, probably early next week actually, there are some jsp integration issues that will have to take place from what I have heard. but we'll integrate this over to trunk asap, jesse On 10/4/06, Trygve Laugstøl <[EMAIL PROTECTED]> wrote: Jesse McConnell wrote: > Brett suggested we do a vote for this today so I figured I would just > do that now. > > [-1/0/+1] vote will be open for 72 hours +1 -- Trygve -- jesse mcconnell [EMAIL PROTECTED]
Re: [vote] rbac-integration branch merge to trunk
Jesse McConnell wrote: Brett suggested we do a vote for this today so I figured I would just do that now. [-1/0/+1] vote will be open for 72 hours +1 -- Trygve
Re: [vote] rbac-integration branch merge to trunk
+1 Emmanuel Jesse McConnell a écrit : Brett suggested we do a vote for this today so I figured I would just do that now. [-1/0/+1] vote will be open for 72 hours Pulling from the other mail, this branch was pulled a bit over a week ago to test out the plexus-security integration with continuum. Some of the added features are * full separation between application webapp and security (lightweight integration). * proper modularization for security components (authentication, authorization, policy, system, web, etc...) * rbac (role based access control) authorization provider. * full user management war overlay (using healthy chunk of maven-user to make it happen) * toggle-able guest user authorization. * remember me and single sign on authentication. * forced admin account creation (through use of interceptor) * key based authentication (remember me, single sign on, new user validation emails, and password resets). * http auth filters (basic and digest). * aggressive plexus utilization. * aggressive xwork / webwork integration. * xwork interceptors for force admin, auto login (remember me), secured action, and environment checks. * secured actions for all of the /security namespace and at least one continuum secured action (these are enforced by the pssSecureActionInterceptor) * all the password validation, user management stuff (again maven-user origins) * continuum-security artifact containing the actual static and dynamic roles, and a continuum role manager that merges permissions to the core system, user, and guest users * ifAuthorized, ifAnyAuthorized, elseAuthorized jsp tags. * placeholders for ldap authentication, authorization and user details retrieval using plexus ldap components * ability to re-use Acegi for authentication +1 from me cheers, jesse
Re: [vote] rbac-integration branch merge to trunk
+1 -john Jesse McConnell wrote: Brett suggested we do a vote for this today so I figured I would just do that now. [-1/0/+1] vote will be open for 72 hours Pulling from the other mail, this branch was pulled a bit over a week ago to test out the plexus-security integration with continuum. Some of the added features are * full separation between application webapp and security (lightweight integration). * proper modularization for security components (authentication, authorization, policy, system, web, etc...) * rbac (role based access control) authorization provider. * full user management war overlay (using healthy chunk of maven-user to make it happen) * toggle-able guest user authorization. * remember me and single sign on authentication. * forced admin account creation (through use of interceptor) * key based authentication (remember me, single sign on, new user validation emails, and password resets). * http auth filters (basic and digest). * aggressive plexus utilization. * aggressive xwork / webwork integration. * xwork interceptors for force admin, auto login (remember me), secured action, and environment checks. * secured actions for all of the /security namespace and at least one continuum secured action (these are enforced by the pssSecureActionInterceptor) * all the password validation, user management stuff (again maven-user origins) * continuum-security artifact containing the actual static and dynamic roles, and a continuum role manager that merges permissions to the core system, user, and guest users * ifAuthorized, ifAnyAuthorized, elseAuthorized jsp tags. * placeholders for ldap authentication, authorization and user details retrieval using plexus ldap components * ability to re-use Acegi for authentication +1 from me cheers, jesse -- John Casey --- Maven Developer (http://maven.apache.org) --- Website: http://www.commonjava.org Blog: http://www.ejlife.net/blogs/john